/**
 * 
 */
package com.feib.stms.security.core.userdetails;

import java.util.ArrayList;
import java.util.Collection;
import java.util.Date;
import java.util.Set;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.GrantedAuthorityImpl;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.util.Assert;

import com.feib.stms.model.Role;
import com.feib.stms.model.User;

/**
 * @author Jimmy Liu
 *
 */
public class StmsUserDetailsWrapper implements UserDetails {

	private static final long serialVersionUID = -8475209025749216970L;

	protected Logger logger = LoggerFactory.getLogger(this.getClass());
	
    private String rolePrefix = "ROLE_";
	
	private User user;
	
    private Collection<GrantedAuthority> auths ;

	public StmsUserDetailsWrapper(User user) {
		super();
		Assert.notNull(user, "user can't be null");
		this.user = user;
		
        auths = new ArrayList<GrantedAuthority>();

        // 獲得用戶的角色
        Set<Role> roles = user.getRoles();
        StringBuffer logTxt = new StringBuffer();
        
        if (null != roles)
        {
	        for (Role r : roles) {
	            GrantedAuthorityImpl grantedAuthorityImpl = new GrantedAuthorityImpl(rolePrefix + r.getRolePk()+ "_" + r.getRoleNo() + "_" + r.getRoleName()); // 格式請對應 StmsFilterInvocationSecurityMetadataSource
	            logTxt.append(grantedAuthorityImpl.getAuthority()).append(",");
	            
	            auths.add(grantedAuthorityImpl);
	        }
        }
        
        if (logger.isDebugEnabled()) {
        	
            logger.debug("用戶：[" + user.getUserPk() + "_" + user.getUserId() + "]， 擁有角色：[" + logTxt + "]");
        }
	}

	/* (non-Javadoc)
	 * @see org.springframework.security.core.userdetails.UserDetails#getAuthorities()
	 */
	public Collection<GrantedAuthority> getAuthorities() {
		return auths;
	}

	/* (non-Javadoc)
	 * @see org.springframework.security.core.userdetails.UserDetails#getPassword()
	 */
	public String getPassword() {
		return user.getUserPwd();
	}

	/* (non-Javadoc)
	 * @see org.springframework.security.core.userdetails.UserDetails#getUsername()
	 */
	public String getUsername() {
        return user.getUserId();
	}

	/* (non-Javadoc)
	 * @see org.springframework.security.core.userdetails.UserDetails#isAccountNonExpired()
	 */
	public boolean isAccountNonExpired() {
        return true;
	}

	/* (non-Javadoc)
	 * @see org.springframework.security.core.userdetails.UserDetails#isAccountNonLocked()
	 */
	public boolean isAccountNonLocked() {
        return (null == user.getLocked() ? true : !user.getLocked().booleanValue());
	}

	/* (non-Javadoc)
	 * @see org.springframework.security.core.userdetails.UserDetails#isCredentialsNonExpired()
	 */
	public boolean isCredentialsNonExpired() {
		if (null == user.getPwdExpiredDate())
			return true;
        return !new Date().after(user.getPwdExpiredDate());
	}

	/* (non-Javadoc)
	 * @see org.springframework.security.core.userdetails.UserDetails#isEnabled()
	 */
	public boolean isEnabled() {
        return (null == user.getEnabled() ? false :user.getEnabled().booleanValue());
	}

	/**
	 * @return user
	 */
	public User getUser() {
		return user;
	}

}
